When and How to Use TKIP and WEP
Many wireless security companies base their marketing
strategy on the vulnerabilities of WEP. Even on a fully used wireless network,
a hacker using WEP cracking tools such as WEPCrack [3] or AirSnort [4] can take hours or days to
collect enough packets to exploit WEP. It is unlikely that a hacker is going to
spend the extensive effort (hours or days) needed to crack a WEP key on a home
or SOHO network. It is also unlikely that a hacker is going to target a
corporate system unless they have inside information about the value of the
information stored on the WEP-protected network.
Although superior to WEP, TKIP is not intended to be a long-term
solution. TKIP provides only minimal security on the devices on which it is used and significantly degrades network
performance. TKIP will be an interim solution until WEP is replaced by AES,
which will eliminate the vulnerabilities of WEP and provide a stronger solution
than TKIP through the use of the Rijndael algorithm instead of RC4.
For the near term, WEP and TKIP will continue to be the
solution of choice for some wireless networks because faster hardware is
required to process the AES algorithm, and older hardware cannot be upgraded to
support it. Although AES devices will likely be backward compatible, the
continued use of the older hardware will require the use of WEP or TKIP to
communicate securely, albeit in a less secure manner than AES.